US Enhances Cybersecurity Measures Against Growing Threats to Water Systems and Critical Infrastructure
In a collective effort to fortify the nation’s critical infrastructure against escalating cyber threats, the U.S. government, through the Cybersecurity and Infrastructure Security Agency (CISA), the Environmental Protection Agency (EPA), and the FBI, has launched an initiative aimed at educating the water and wastewater systems sector. This initiative is designed to bolster their defenses against potential cyberattacks. This move is part of a wider push that also includes the Biden administration’s executive order issued on February 21, aimed at enhancing security measures within the maritime sector and setting improved security standards for the nation’s ports.
The urgency of these measures was highlighted by recent revelations that at least 500 documents, posted on GitHub last week, exposed ongoing attacks by a Chinese hacking group linked to Beijing, known as i-SOON. These attacks, which have occurred over the past decade, targeted at least 14 governments worldwide, alongside critical infrastructure.
Dakota Cary, a strategic advisory consultant at SentinelOne, alongside Aleksandar Milenkoski, shed light on i-SOON’s operations in a co-authored blog. They unveiled that the group vies for low-value contracts issued by various parts of China’s government to execute hacking campaigns. “The price point of these operations, such as breaking into the Vietnamese Ministry of the Economy for $55,000, points to a well-established hack-for-hire market within China,” Cary noted. This is underscored by FBI Director Christopher Wray’s testimony comparing the sheer number of hackers employed by the Chinese government to those in the U.S., demonstrating the maturity and scale of China’s operations.
However, the U.S. is not standing idle. This week saw an international collaboration involving 11 countries in an operation to dismantle the LockBit ransomware gang. Furthermore, the State Department has announced a reward of up to $15 million for information leading to the arrest or conviction of any LockBit gang member. Additionally, on January 31, the FBI successfully disrupted the China-backed KV botnet operated by Volt Typhoon, a significant threat that had infiltrated networks quietly for up to five years, targeting critical infrastructure.
“Our response to such threats isn’t just about halting China or any other adversary; it’s about proactively building a fortress, block by block, to safeguard our critical infrastructure,” stated Morgan Wright, chief security advisor at SentinelOne, and an esteemed SC Media columnist. He emphasized the importance of maintaining a high pace of operations and adaptability to the evolving tactics of adversaries.
Pat Arvidson, chief strategy officer at Interpres Security, pointed out that the People’s Republic of China (PRC) has been engaging in systematic cyber espionage against the U.S. for over a decade, aiming to enhance its industrial and military might. “Now, with their military capabilities believed to be on par with the U.S., China is shifting its strategy towards holding U.S. critical infrastructure at ransom,” Arvidson highlighted. This new phase marks a concerning pivot in China’s long-term strategic objectives.
Adding to the conversation, John Gallagher, vice president of Viakoo Labs, remarked on the evolution of hacking groups into sophisticated entities resembling corporate organizations, complete with governance structures and financial frameworks. He noted, “The existence of such organized operations in China isn’t surprising, but the extent of their depth and reach had remained undetected for a long time.” Gallagher also hinted at the potential for a closer collaboration between the U.S. government and the private sector as tensions and cyber conflicts with China escalate.
As the U.S. continues to enhance its cybersecurity infrastructure and strategies, these revelations and ongoing efforts underscore the critical importance of vigilance, collaboration, and adaptation in the face of burgeoning cyber threats. The commitment to bolster defenses across water systems, maritime sectors, and beyond serves as a testament to the nation’s resolve to protect its critical infrastructure from hostile entities and state-sponsored cyber adversaries.
